<?php

class Core_Backend_Component_Index_Controller_Index extends Dcmp_Component_Controller {

    public function indexAction() {
        return $this->templateResult();
    }

    public function UnauthorizedAction() {
        return $this->viewResult();
    }

    public function UncertifiedAction() {
        return $this->viewResult();
    }

    public function loginAction($user_name, $password) {
        $account = App::getModel('permission/account')->loadByUserName($user_name);
        if (!$account->getId()) {
            $this->getMessager()->addError('Error');
            return $this->templateResult(NULL, 'index');
        }
        if ($account->getPassword() != md5($password)) {
            $this->getMessager()->addError('Error');
            return $this->templateResult(NULL, 'index');
        }
        if(!$account->getIsBackend()){
            $this->getMessager()->addError('Error');
            return $this->templateResult(NULL, 'index');
        }

        $this->getSession()->set('managed_area_id', '2f3bdbb514e311e0a9012f80f44680b2');
		$identity = Kd_Web::getIdentity();
        $identity->setId($account->getId())
                 ->setName($account->getUserName())
                 ->setGrade($account->getGrade())
                 ->setIsBackendUser($account->getIsBackend()); 		
		if($account->getGrade() != 'sa'){
	        $roles = $account->getRoles($this->getSession()->get('managed_area_id'))->load();
	        $actions = App::getModel('permission/collection_action')
	        			->joinRole()
	        			->filterByRoleIds($roles->getItemPropertyValue('id'))
	        			->load();
	        
	        $identity->addRoleIds($roles->getItemPropertyValue('id'))
	        		 ->addRole($roles->getItemPropertyValue('code'))
	                 ->addAction($actions->getItemPropertyValue('code')); 
		}                               
        $identity->login();
        return $this->redirectResult($this->getUrl(NULL, 'main'));
    }

    public function passwordPostAction($oldPassword,$newPassword,$confirmPassword) {
        $DbUsername = App::getModel('permission/account')->loadByUserName($this->getIdentity()->getName());

        if (!$DbUsername->getId()) {
            $this->getMessager()->addError($this->__f('share.label.wrong','{share.label.username}'));
            return $this->viewResult(NULL,'password');
        }

        if ($newPassword != $confirmPassword) {
            $this->getMessager()->addError($this->__f('share.label.wrong','{share.label.password}'));
            return $this->viewResult(NULL,'password');
        }

        if (md5($oldPassword) != $DbUsername->getPassword()) {
            $this->getMessager()->addError($this->__f('share.label.wrong','{share.label.password}'));
            return $this->viewResult(NULL,'password');
        }

        $DbUsername->changePassword($this->getIdentity()->getName(), $newPassword);
        $this->getMessager()->addError($this->__f('share.label.changesuccess','{share.label.password}'));
        return $this->viewResult();
    }

    public function logoutAction() {
        Kd_Web::getIdentity()->logout();
        Kd_Web::getSession()->abort();
        header("Expires: Mon, 26 Jul 1970 05:00:00 GMT");
        header("Last-Modified: " . gmdate("D, d M Y H:i:s") . " GMT");
        header("Cache-Control: no-cache, must-revalidate");
        header("Pragma: no-cache");
        echo '<meta http-equiv=refresh content="0;url=/logout.html">';
        die();
//        return $this->redirectResult('/logout.html');
    }

    public function mainAction() {
        return $this->templateResult();
    }
    
    public function passwordAction(){
        return $this->templateResult();
    }
}